Security features validated by NIST CAVP certifications

17th December 2014

Siobhan O'Gorman

0 0

The completion of nine NIST (National Institute of Standards and Technology) CAVP (Cryptographic Algorithm Validation Program) certifications has been announced by Microsemi. These certifications validate the high levels of security offered by the company’s SmartFusion2 SoC FPGAs and IGLOO2 FPGAs.

The AES encryption/decryption, SHA message digest, HMAC message authentication code and ECC-CDH key establishment algorithms, whose implementations were certified, are all part of the NIST ‘Suite B’ collection. Alongside the private sector, the key and digest sizes have been approved for United States government Secret Level use. The deterministic random bit generator implementation used in these devices is also NIST-certified.

Microsemi’s security platform is suitable for system designers who develop security solutions for commercial, industrial, government and defence wired and wireless data communication, encrypted networking, secure data storage, M2M authentication, missile, information assurance, and anti-tamper applications. The platform is also suitable for applications requiring protection of design IP or end-application data and their associated cryptographic keys against modification, extraction or other forms of tampering.

According to the Aberdeen Group, approximately 50bn machines will be connected by 2020. Therefore, these machines need to be secure at the device, circuit board, box and system levels, as even those which use a NIST Suite B approved algorithm can still be vulnerable to side channel attacks.

As well as being NIST-certified, the company’s FPGAs are claimed to be the only devices on the market with licensed, patented Differential Power Analysis (DPA) countermeasures that increase overall system security by protecting the keys that are used for configuring the FPGA against extraction via DPA. To ensure the user’s end-application keys can also be protected against DPA, all of Microsemi’s devices with cryptography enabled for the end user include a licence from Cryptography Research for the unlimited use of its DPA patent portfolio within the FPGA or SoC FPGA.

The SmartFusion2 SoC FPGAs and IGLOO2 FPGAs are claimed to be the only FPGAs on the market with any built-in cryptographic accelerators or a true random number generator which are available for use by the end application and do not use fabric resources.

"Microsemi has a long track record of providing cryptography products that meet the strictest security requirements for government applications and can now deliver that same level of security to mainstream applications," commented Bruce Weyer, Vice President and Business Unit Manager, Microsemi. "Earning these important certifications for our SoC FPGAs is yet another step forward in our quest to ensure Microsemi has the industry’s most secure solutions that meet or exceed our customers' needs."